RADIUS as a Service

RADIUS as a Service

RADIUS as a Service

SURF is conducting research into the possibilities of RADIUS as a Service, as a supplement to SURFwireless or as a separate service. We are looking to see if we can monitor and manage RADIUS servers in one centrally managed environment that can easily and securely provide links to, for example, eduroam.

Managing RADIUS servers

Education and research institutions all have a private RADIUS server. This server controls various network activities, such as access to websites and the private Wi-Fi environment. The server verifies that you are who you say you are, for example when logging in to eduroam. Since institutions have private RADIUS servers, management is currently regulated locally.

RADIUS servers are fairly complex systems, often based on Unix. As an institution, you need technical knowledge on-premises for monitoring and managing your own server. Troubleshooting is performed by specialists who are not working in the first line support department. This means that this support department cannot always provide users with optimal support.

Centrally managed RADIUS environment

SURF is examining the possibilities of RADIUS as a Service. We are looking to see if we can have monitoring and management performed in one environment that can easily and securely provide links to, for example, eduroam. From the centrally managed environment we can then test and optimise applications, before we roll them out. We can easily make adjustments within different authentication attributes. Working from one environment also makes managing more efficient for the institutions than with the current decentralised approach.

Planned activities

We are currently looking to see if we can integrate RADIUS as a Service with SURFwireless, and whether we can offer it as a separate service.

We have checked with the institutions whether there is a need for central RADIUS server management. There is indeed a need, and that is why we are now considering the best role for SURF for providing the institutions with the best possible support. One of the questions is whether we are going to develop a service ourselves or whether it would be better to start with a product from the market. In order to answer this question, we are going to perform tests with a proof-of-concept and have an advisory report drawn up.